IBM says cybercriminals are starting to grab unstructured data, spam has rebloomed 400% and ransomware has just gone nuts Credit: Thinkstock The state of online security is darn dreadful. At least if you look at the results from the IBM Security’s 2017 IBM X-Force Threat Intelligence Index released today which contains myriad depressing nuggets such as: The number of records compromised grew a historic 566% in 2016 from 600 million to more than 4 billion — more than the combined total from the two previous years. In one case, a single source leaked more than 1.5 billion records [see Yahoo breach]. In the first three months of 2016, the FBI estimated cybercriminals were paid a reported $209 million via ransomware. This would put criminals on pace to make nearly $1 billion from their use of the malware just last year. In 2016, many significant breaches related to unstructured data such as email archives, business documents, intellectual property and source code were also compromised. The most popular types of malcode we observed in 2016 were Android malware, banking Trojans, ransomware offerings and DDoS-as-a-service vendors. Since DDoS tools are mostly sold as a service and not as malware per se, we will focus here on banking Trojans, Android malware and ransomware. In December 2016, a malware developer with an ongoing banking Trojan project showed up in underground forums, aspiring to sell some licenses as he worked on completing the development of all its modules. The actor promised to deliver future capabilities, such as a Socket Secure (SOCKS) proxy and hidden virtual network computing alongside technical support and free bug fixes. The malware was named Nuclear Bot, or NukeBot, at the time. IBM wrote it has yet to see NukeBot/Micro Bot active in the wild, analyses performed by X-Force and other vendors found that it has the potential to rise in 2017 and bring back commercial Trojan sales in the underground. In 2015, Healthcare was the most attacked industry with Financial Services falling to third, however, attackers in 2016 refocused back on Financial Services. IBM did note that while the healthcare industry continued to be beleaguered by a high number of incidents, attackers hit on smaller targets resulting in a lower number of leaked records. In 2016, only 12 million records were compromised in healthcare – keeping it out of the top 5 most-breached industries. For perspective, nearly 100 million healthcare records were compromised in 2015 resulting in an 88% drop in 2016, IBM stated. +More on Network World: IBM warns of rising VoIP cyber-attacks+ “With Internet-shattering distributed-denial-of-service (DDoS) attacks, troves of records leaked through data breaches, and a renewed focus by organized cybercrime on business targets, 2016 was a defining year for security. Indeed, in 2016 more than 4 billion records were leaked, more than the combined total from the two previous years, redefining the meaning of the term “mega breach.” In one case, a single source leaked more than 1.5 billion records,” IBM wrote. “While the volume of records compromised, last year reached historic highs, we see this shift to unstructured data as a seminal moment. The value of structured data to cybercriminals is beginning to wane as the supply outstrips the demand. Unstructured data is big-game hunting for hackers and we expect to see them monetize it this year in new ways,” said Caleb Barlow, Vice President of Threat Intelligence, IBM Security. +More on Network World: Old nemesis spam becoming significant way for attackers to subvert data+ The IBM X-Force Threat Intelligence Index is elicits response from more than 8,000 security clients in 100 countries and data derived from non-customer assets such as spam sensors and honeynets in 2016. IBM X-Force runs network traps around the world and monitors more than eight million spam and phishing attacks daily while analyzing more than 37 billion web pages and images. Check out these other hot stories: Cisco expands wireless reach with access points, management software 5 burning questions with new IETF Chair and Cisco Fellow Alissa Cooper Cisco Talos warns of Apple iOS and MacOS X.509 certificate flaw FTC warns on “Can you hear me now” robocall: Hang up! Cisco: IOS security update includes denial of service and code execution warnings Can you imagine Mars with Saturn-like rings? Cisco closes AppDynamics deal, increases software weight Juniper extends data center interconnect options Cisco issues critical warning after CIA WikiLeaks dump bares IOS security weakness DARPA wants to cultivate the ultimate transistor of the future DARPA plan would reinvent not-so-clever machine learning systems Cisco security advisory dump finds 20 warnings, 2 critical Related content news analysis FBI/IC3: Vile $5B business e-mail scam continues to breed FBI/IC3 reports over 40,000 worldwide victims and $5 billion in the latest reckoning By Michael Cooney May 08, 2017 5 mins Security news analysis Ultimate geek dream? NASA challenges you to jump on the FORTRAN bandwagon! NASA opens High Performance Fast Computing Challenge By Michael Cooney May 05, 2017 4 mins Government Open Source Enterprise Applications news analysis Fragmented, disorganized IT systems thwart feds ability to track visas DHS OIG says ineffective IT process has contributed to a backlog of more than 1.2 million visa overstay cases. By Michael Cooney May 04, 2017 5 mins Analytics Data Center Security news analysis TSA: “As you can imagine, live anti-tank rounds are strictly prohibited altogether.” TSA finds live anti-tank round in carry-on bag By Michael Cooney Apr 28, 2017 2 mins Security PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe